New Snowden leak: Storing your data at Microsoft is negligent

Pubblicato il: 2013-07-12

In an article
published today, The Guardian describes how Microsoft is actively
cooperating with the NSA. According to the article, Microsoft is providing
the NSA with broad access to the communications of anyone using the
company's services:

Microsoft gives the NSA access to encrypted mails on Hotmail, Live.com and Outlook.com, as well as web chat messages.

Microsoft provides the NSA with easy access to its SkyDrive storage service, which currently has 250 million users worldwide.

Microsoft makes it possible for the NSA to monitor audio and video calls on the Skype service which it acquired in 2011.

"This makes it clear that trusting Microsoft with your
critical company data is downright negligent," says Karsten Gerloff,
President of the Free Software Foundation Europe. "In both the public and
the private sector, those responsible for security and data protection
urgently need to take action to protect their organisations, customers
and clients."

While it is difficult or impossible to entirely escape surveillance,
there are ways to minimise the risk that sensitive data, such as
confidential product data or patient records, is intercepted by a third
party. Free Software solutions for groupware, office products and operating
systems are fully auditable, and often data security a priority. End-to-end
encryption with Free Software products such as GnuPG and
off-the-record messaging (OTR) protects data in transit. Products
providing secure audio, video and chat communications, such as Jitsi, go a long way towards replacing
Skype.

"We advise companies and all other organisations that wish
to protect their data to use Free Software solutions, to store data
in-house wherever possible, and to cooperate only with providers whom
they trust to protect their customers' data," says Gerloff. "Such
providers will often use strong encryption, and minimise the amount of
data they store. Using smaller providers instead of global IT companies
makes it somewhat less likely that customers' data will be caught in the
NSA's dragnet."

Users should actively take control of their data and communications. One
way to do so is to support the developers of Free Software encryption
technologies, so they can continue to provide these important products.
"Now is a good time to donate to the Free Software
PGP implementation GNU Privacy Guard (GnuPG)!", says Matthias
Kirschner, FSFE's Head of Public Awareness.